<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: gv_send.php 174 2013-09-22 07:55:17Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 174 $
* 	zuletzt geaendert von:	$Author: siekiera $
* 	Datum:					$Date: 2013-09-22 07:55:17 +0000 (Sun, 22 Sep 2013) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */

require ('includes/application_top.php');

if (ACTIVATE_GIFT_SYSTEM != 'true')
	redirect(FILENAME_DEFAULT);

require ('includes/classes/http_client.php');

require_once (DIR_FS_INC.'inc.validate_email.php');

$smarty = new Smarty;

require('templates/'.CURRENT_TEMPLATE.'/source/boxes.php');

if (!isset ($_SESSION['customer_id']))
	redirect(href_link(FILENAME_LOGIN, '', 'SSL'));

if (($_POST['back_x']) || ($_POST['back_y']))
	$_GET['action'] = '';
	
if ($_GET['action'] == 'send') {
	$error = false;
	
	if (!validate_email(trim($_POST['email']))) {
		$error = true;
		$error_email = ERROR_ENTRY_EMAIL_ADDRESS_CHECK;
	}
	
	$gv_result = $db->db_query("SELECT 
									amount 
								FROM 
									".TABLE_COUPON_GV_CUSTOMER." 
								WHERE 
									customer_id = '".$_SESSION['customer_id']."'");
	
	$customer_amount = $gv_result->fields['amount'];
	
	$gv_amount = trim(str_replace(",", ".", $_POST['amount']));
	
	if (preg_match('/0-9/i', $gv_amount)) {
		$error = true;
		$error_amount = ERROR_ENTRY_AMOUNT_CHECK;
	}
	if ($gv_amount > $customer_amount || $gv_amount == 0) {
		$error = true;
		$error_amount = ERROR_ENTRY_AMOUNT_CHECK;
	}
}
if ($_GET['action'] == 'process') {
	$id1 = create_coupon_code($mail['customers_email_address']);
	$gv_result = $db->db_query("SELECT 
									amount 
								FROM 
									".TABLE_COUPON_GV_CUSTOMER." 
								WHERE 
									customer_id='".$_SESSION['customer_id']."'");

	$new_amount = $gv_result->fields['amount'] - str_replace(",", ".", $_POST['amount']);
	$new_amount = str_replace(",", ".", $new_amount);
	
	if ($new_amount < 0) {
		$error = true;
		$error_amount = ERROR_ENTRY_AMOUNT_CHECK;
		$_GET['action'] = 'send';
	} else {
		$gv_customer = $db->db_query("UPDATE ".TABLE_COUPON_GV_CUSTOMER." SET amount = '".$new_amount."' WHERE customer_id = '".$_SESSION['customer_id']."'");
		$gv_customer = $db->db_query("SELECT customers_firstname, customers_lastname FROM ".TABLE_CUSTOMERS." WHERE customers_id = '".$_SESSION['customer_id']."'");

		$gv_query = $db->db_query("INSERT INTO ".TABLE_COUPONS." (coupon_type, coupon_code, date_created, coupon_amount) VALUES ('G', '".$id1."', NOW(), ".str_replace(",", ".", $db->db_prepare($_POST['amount'])).")");
		$insert_id = $db->db_insert_id($gv_query);
		$gv_query = $db->db_query("INSERT INTO ".TABLE_COUPON_EMAIL_TRACK." (coupon_id, customer_id_sent, sent_firstname, sent_lastname, emailed_to, date_sent) VALUES ('".$insert_id."' ,'".$_SESSION['customer_id']."', '".addslashes($gv_customer->fields['customers_firstname'])."', '".addslashes($gv_customer->fields['customers_lastname'])."', ".$db->db_prepare($_POST['email']).", NOW())");

		$gv_email_subject = sprintf(EMAIL_GV_TEXT_SUBJECT, stripslashes($_POST['send_name']));

		$smarty->assign('GIFT_LINK', href_link(FILENAME_GV_REDEEM, 'gv_no='.$id1, 'NONSSL', false));
		$smarty->assign('AMMOUNT', $price->format(str_replace(",", ".", $_POST['amount']), true));
		$smarty->assign('GIFT_CODE', $id1);
		$smarty->assign('MESSAGE', $_POST['message']);
		$smarty->assign('NAME', $_POST['to_name']);
		$smarty->assign('FROM_NAME', $_POST['send_name']);

		$smarty->caching = false;
		require(DIR_FS_INC.'inc.get_mail_body.php');
		$html_mail = $smarty->fetch('html:send_gift_to_friend');
		$html_mail .= $signatur_html;
		$txt_mail = $smarty->fetch('txt:send_gift_to_friend');
		$txt_mail .= $signatur_text;
		require(DIR_FS_INC.'inc.get_mail_data.php');
		$mail_data = get_mail_data('send_gift_to_friend');

		php_mail($mail_data['EMAIL_ADDRESS'], 
				$mail_data['EMAIL_ADDRESS_NAME'], 
				$_POST['email'], 
				$_POST['to_name'], 
				'', 
				$mail_data['EMAIL_REPLAY_ADDRESS'], 
				$mail_data['EMAIL_REPLAY_ADDRESS_NAME'], 
				'', 
				'', 
				$gv_email_subject, 
				$html_mail, 
				$txt_mail);

	}
}
$breadcrumb->add(NAVBAR_GV_SEND);

require (DIR_WS_INCLUDES.'header.php');

if ($_GET['action'] == 'process') {
	$smarty->assign('action', 'process');
	$smarty->assign('GV_SEND_MESSAGE', sprintf(GV_SEND_MESSAGE, $_POST['to_name']));
	$smarty->assign('LINK_DEFAULT', '<a href="'.href_link(FILENAME_DEFAULT, '', 'NONSSL').'">'.image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE).'</a>');
}
if ($_GET['action'] == 'send' && !$error) {
	$smarty->assign('action', 'send');
	$gv_amount = (double) $gv_amount;
	$gv_result = $db->db_query("SELECT customers_firstname, customers_lastname FROM ".TABLE_CUSTOMERS." WHERE customers_id = '".$_SESSION['customer_id']."'");
	$send_name = $gv_result->fields['customers_firstname'].' '.$gv_result->fields['customers_lastname'];
	$smarty->assign('FORM_ACTION', '<form action="'.href_link(FILENAME_GV_SEND, 'action=process', 'NONSSL').'" method="post">');
	$smarty->assign('MAIN_MESSAGE', sprintf(MAIN_MESSAGE, $price->format(str_replace(",", ".", $_POST['amount']), true), stripslashes($_POST['to_name']), $_POST['email'], stripslashes($_POST['to_name']), $price->format(str_replace(",", ".", $_POST['amount']), true), $send_name));
	if ($_POST['message']) {
		$smarty->assign('PERSONAL_MESSAGE', sprintf(PERSONAL_MESSAGE, $gv_result->fields['customers_firstname']));
		$smarty->assign('POST_MESSAGE', stripslashes($_POST['message']));
	}
	$smarty->assign('HIDDEN_FIELDS', draw_hidden_field('send_name', $send_name).draw_hidden_field('to_name', stripslashes($_POST['to_name'])).draw_hidden_field('email', $_POST['email']).draw_hidden_field('amount', $gv_amount).draw_hidden_field('message', stripslashes($_POST['message'])));
	$smarty->assign('LINK_BACK', image_submit('button_back.gif', IMAGE_BUTTON_BACK, 'name=back').'</a>');
	$smarty->assign('LINK_SUBMIT', image_submit('button_send.gif', IMAGE_BUTTON_CONTINUE));
	
} elseif ($_GET['action'] == '' || $error) {
	$smarty->assign('action', '');
	$smarty->assign('FORM_ACTION', draw_form('gv_send', FILENAME_GV_SEND, 'action=send'));
	$smarty->assign('LINK_SEND', href_link(FILENAME_GV_SEND, 'action=send', 'NONSSL'));
	$smarty->assign('INPUT_TO_NAME', draw_input_field('to_name', stripslashes($_POST['to_name'])));
	$smarty->assign('INPUT_EMAIL', draw_input_field('email', $_POST['email']));
	$smarty->assign('ERROR_EMAIL', $error_email);
	$smarty->assign('INPUT_AMOUNT', draw_input_field('amount', $_POST['amount'], '', 'text', false));
	$smarty->assign('ERROR_AMOUNT', $error_amount);
	$smarty->assign('TEXTAREA_MESSAGE', draw_textarea_field('message', 'soft', 50, 15, stripslashes($_POST['message'])));
	$smarty->assign('LINK_SUBMIT', image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE));
}
$smarty->assign('FORM_END', '</form>');
$smarty->assign('language', $_SESSION['language']);
$smarty->caching = false;
$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/gv_send.html');

$smarty->assign('language', $_SESSION['language']);
$smarty->assign('main_content', $main_content);
$smarty->caching = false;
if (!defined('RM'))
	$smarty->loadFilter('output', 'note');
$smarty->loadFilter('output','trimwhitespace');
$smarty->display(CURRENT_TEMPLATE.'/index.html');
include ('includes/application_bottom.php');
?>